News Feed - 2023-09-11 10:09:19

Lido assures LDO, stETH tokens remain safe despite flaw in token contract

Brayden Lindrea

The “fake deposit” attack enables bad actors to execute a transfer where the requested value is larger than what the user actually owns.

Ethereum staking protocol Lido Finance has assured both Lido DAO (LDO) and staked-Ether (stETH) tokens remain safe despite hackers allegedly exploiting a known security flaw in LDO’s token contract.


Lido didn’t confirm any exploits, but acknowledged the security flaw was known and reassured LDO and stETH funds remain safe in response to a Sept. 10 post by blockchain security firm SlowMist.


SlowMist said LDO’s flawed token contract allows bad actors to facilitate “fake deposit” attacks on exchanges because LDO’s token contract enables users to execute transactions even where they don’t have sufficient funds. This code deviates from the Ethereum Request for Comment 20 (ERC-20) token standard, according to SlowMist.


However, Lido Finance argued the flaw is built into all ERC-20 tokens — not just Lido’s LDO token:

This behaviour is expected and conforms to the ERC20 token standard (see tweet below). Both LDO and stETH (and Lido governance) remain safe.

Lido token integration guides will be updated with LDO specifics to make this more visible shortly.

— Lido (@LidoFinance) September 10, 2023


SlowMist said the “fake deposit” attacks came from LDO’s token contract executing transfers where the value is larger than what the user actually owns, triggering a false return as opposed to reverting the transaction. While the firm said Lido’s token contract has recently been exploited via this attack, no on-chain evidence was provided.


Cointelegraph reached out to SlowMist for comment but did not receive an immediate response.


Meanwhile, on-chain analyst “Hercules” explained on Sept. 10 that the security flaw may not be picked up by cryptocurrency exchanges.


SlowMist recommends that LDO holders also check the return values of the token contract transfers in addition to the success or failure of a transaction.
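An added example, not from the article, Lido or SlowMist: a deposit-crediting check run over constructed receipts, comparing a check that trusts transaction success with one that requires evidence of the transfer. A receipt does not expose the return value of `transfer`, so the example assumes a transfer that returns false emits no ERC-20 `Transfer` event; the addresses and the dict shape of the transaction and receipt are hypothetical.

```python
# keccak256("Transfer(address,address,uint256)"), the ERC-20 event signature topic
TRANSFER_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"
TRANSFER_SELECTOR = "a9059cbb"  # first 4 bytes of keccak256("transfer(address,uint256)")
TOKEN = "0x" + "11" * 20    # hypothetical token contract
DEPOSIT = "0x" + "22" * 20  # hypothetical exchange deposit address
SENDER = "0x" + "33" * 20   # hypothetical depositor

def addr_topic(addr):
    """Left-pad a 20-byte address to the 32-byte form used in indexed topics."""
    return "0x" + addr.lower()[2:].rjust(64, "0")

def decode_transfer_call(tx_input):
    """Return (recipient, amount) from transfer(address,uint256) calldata, else None."""
    data = tx_input[2:]
    if len(data) != 8 + 128 or data[:8] != TRANSFER_SELECTOR:
        return None
    return "0x" + data[32:72], int(data[72:136], 16)

def naive_credit(tx, receipt, token, deposit_addr):
    """Weak check: believes the calldata whenever the transaction did not revert."""
    call = decode_transfer_call(tx["input"])
    if receipt["status"] != 1 or tx["to"].lower() != token.lower() or call is None:
        return 0
    recipient, amount = call
    return amount if recipient == deposit_addr.lower() else 0

def verified_credit(receipt, token, deposit_addr):
    """Credit only amounts backed by a Transfer event from the token contract itself."""
    if receipt["status"] != 1:
        return 0
    total = 0
    for log in receipt["logs"]:
        topics = log["topics"]
        if (log["address"].lower() == token.lower() and len(topics) == 3
                and topics[0] == TRANSFER_TOPIC
                and topics[2] == addr_topic(deposit_addr)):
            total += int(log["data"], 16)
    return total

def sample(amount, moved):
    """Constructed tx/receipt pair; `moved` says whether tokens actually changed hands."""
    tx = {"to": TOKEN,
          "input": "0x" + TRANSFER_SELECTOR + addr_topic(DEPOSIT)[2:] + format(amount, "064x")}
    logs = [{"address": TOKEN, "data": hex(amount),
             "topics": [TRANSFER_TOPIC, addr_topic(SENDER), addr_topic(DEPOSIT)]}] if moved else []
    return tx, {"status": 1, "logs": logs}  # status 1: mined without reverting
```

For a transfer that returned false without reverting, `naive_credit` still reports the requested amount while `verified_credit` reports zero.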


The blockchain security firm concluded that token contract implementations and behaviors vary by project, and advised conducting comprehensive testing before integrating any new tokens.




However, Lido highlighted in the official Ethereum Improvement Proposal document — co-authored by Vitalik Buterin in November 2015 — that both the “transfer” and “transferFrom” functions must return the transfer status and are only recommended to revert a transaction in exceptional cases.

ERC20 token standard: https://t.co/YlrS1ZN6Fd

1) Both transfer and transferFrom are required to return transfer status and are only recommended to revert a tx in exceptional cases.

2) The standard says that a caller is obliged to check the return status (see 'Token methods'). pic.twitter.com/6KTcIyxo2F

— Lido (@LidoFinance) September 10, 2023


To resolve the security flaw, Lido confirmed that the LDO token integration guides will soon be updated.

